Ransomware plus anonymity = a ruthless combination

CryptoDefense, and its predecessor CryptoLocker, are toxic new names in ransomware. They have only been around since September 2013; few expected them to still be operational, but the numbers are alarming. According to one university survey, 1 in 30 users have been infected, and 40% of those paid the ransom.

Here’s how it works: once one of these infects a system, it encrypts all files, travels to any other computers that are networked, and encrypts those also. You see a message showing you a countdown to when your files will be permanently lost; pay up or lose.

Here’s one reason it is still around: ransom payment is expected in Bitcoin. This is an online payment network that is growing in popularity, due to its ease of use and low transaction fees. Another of Bitcoin’s features, particularly lethal in this case, is its complete anonymity; there is no way to trace either the payer or the payee. This allowed the writers of CryptoLocker to extort an estimated 27 million dollars by mid-December. And they are still at-large.

Five steps to avoid losses from ransomware infection:

• Hover over all links in unfamiliar email; check for a legitimate IP address, not a long string of unrelated characters • Never open attachments from any sender you don’t know. • Update your anti-virus, anti-spam and malware programs, and have a solid firewall. • Schedule regular, remote backups and have a realistic disaster recovery plan. • Have an IT professional audit your network security.

CryptoLocker and CryptoDefense are at the root of some of the most distressing events that can happen to your network and your data. Protect yourself; let us know how we can help.